<?php
/***************************************************************************
 *                              reportpost.php
 *                            -------------------
 *   begin                : Saturday, Sep 14, 2002
 *   copyright            : (C) 2002 Saerdnaer
 *   email                : saerdnaer@web.de
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

if ( !defined('IN_PHPBB') )
{
	die("Hacking attempt");
}
if ( defined('REPORT_POST_INCLUDED') )
{
	return;
}
define('REPORT_POST_INCLUDED', true);

class Report_post_class {
	var $error_code;

	function get_forum_auth_sql($userdata, $table_prefix = '', $sql_prefix = 'AND', $sql_prefix2 = '', $sql_suffix = '')
	{
		global $board_config, $db;
		if ( $userdata['user_level'] == ADMIN )
		{
			return '';
		}
		else if ( $userdata['user_level'] <= USER )
		{
			return false;
		}
		else if ( $board_config['report_only_admin'] && $userdata['user_level'] > USER )
		{
			return false;
		}
		$sql = "SELECT aa.forum_id
			FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
			WHERE aa.auth_mod = " . TRUE . "
				AND ug.group_id = aa.group_id
				AND ug.user_id = '" . $userdata['user_id'] . "'";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, "Could not forums for mod", "", __LINE__, __FILE__, $sql);
		}
		$forums_auth_count = 0;
		while ( $row = $db->sql_fetchrow($result) )
		{
			$forums_auth .= ( empty($forums_auth) ? '' : ',' ) . $row['forum_id'];
			$forums_auth_count++;
		}
		$db->sql_freeresult($result);
		if ( $forums_auth_count == 0 )
		{
			return false;
		}
		else
		{
			$forums_sql = $sql_prefix . ' ' . $table_prefix .  'forum_id ' . $sql_prefix2 . ' IN (' . $forums_auth . ')' . $sql_suffix;
			return $forums_sql;
		}
	}
	function get_mods_auth_sql($forum_id, $suffix = '')
	{
		global $board_config;
		$auth_sql = "AND " . $suffix . "user_level = " . ADMIN;
		if ( !$board_config['report_only_admin'] )
		{
			$mods_sql = $this->get_moderators($forum_id);
			if ( !empty($mods_sql) )
			{
				$auth_sql = "AND ( " . $suffix . "user_level = " . ADMIN . " OR ( " . $suffix . "user_level > " . USER . " AND " . $suffix . "user_id IN (" . $mods_sql . ") ) )";
			}
		}
		return $auth_sql;
	}

	function check_report_popup($userdata)
	{
		global $db;
		$auth_sql = $this->get_forum_auth_sql($userdata, 'p.');
		if ( $auth_sql === false )
		{
			$this->reset_refresh_report_popup($userdata['user_id']);
			return false;
		}
		$sql = "SELECT COUNT(*) AS num 
			FROM " . REPORTS_TABLE . " r, " . POSTS_TABLE . " p 
			WHERE r.report_status = 0 
				AND p.post_id = r.report_post_id 
				AND p.post_report = 1 
				$auth_sql";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, "Error by getting report status.", "", __LINE__, __FILE__, $sql);
		}
		$row = $db->sql_fetchrow($result);
		$db->sql_freeresult($result);
		if ( $row['num'] > 0 )
		{
			$return = true;
		}
		else
		{
			$return = false;
		}
		$this->reset_refresh_report_popup($userdata['user_id']);
		return $return;
	}
	function reset_refresh_report_popup($user_id)
	{
		global $db;
		$sql = "UPDATE " . USERS_TABLE . "
			SET refresh_report_popup = 0
			WHERE user_id = $user_id";
		if ( !$db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, "Couldn't reset refresh_report_popup.", "", __LINE__, __FILE__, $sql);
		}
		return true;
	}
	function set_refresh_report_popup($forum_id)
	{
		global $db;
		$auth_sql = $this->get_mods_auth_sql($forum_id);
		$sql = "UPDATE " . USERS_TABLE . "
			SET refresh_report_popup = 1
			WHERE no_report_popup = 0
				AND refresh_report_popup = 0
				$auth_sql";
		if ( !$db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, "Couldn't set refresh_report_popup.", "", __LINE__, __FILE__, $sql);
		}
		return true;
	}
	function report_auth(&$userdata, $redirect = '-1')
	{
		global $db, $board_config;
		if ( isset($userdata['report_auth']) )
		{
			return $userdata['report_auth'];
		}
		if ( !empty($board_config['report_no_guestes']) && !$userdata['session_logged_in'] )
		{
			if ( $redirect != '-1' )
			{
				$this->login_redirect($redirect);
			}
			return $userdata['report_auth'] = false;
		}
		if ( !empty($board_config['report_no_auth_users']) )
		{
			if ( strpos(' ,' . $board_config['report_no_auth_users'] . ',', ',' . $user_id . ',') )
			{
				return $userdata['report_auth'] = false;
			}
		}
		if ( !empty($board_config['report_no_auth_groups']) )
		{
			$sql = "SELECT count(*) AS count FROM " . USER_GROUP_TABLE . " WHERE user_id = '" . $user_id . "' AND group_id IN(" . $board_config['report_no_auth_groups'] . ")";
			if ( !($result = $db->sql_query($sql)) )
			{
				message_die(GENERAL_ERROR, "Could not select no report auth groups infos", "", __LINE__, __FILE__, $sql);
			}
			$row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);
			if ( $row['count'] > 0 )
			{
				return $userdata['report_auth'] = false;
			}
		}
		return $userdata['report_auth'] = true;
	}
	function report_disabled($user_id)
	{
		global $db, $board_config;
		if ( !empty($board_config['report_disabled_users']) )
		{
			if ( strpos(' ,' . $board_config['report_disabled_users'] . ',', ',' . $user_id . ',') )
			{
				return true;
			}
		}
		if ( !empty($board_config['report_disabled_groups']) )
		{
			$sql = "SELECT count(*) AS count FROM " . USER_GROUP_TABLE . " WHERE user_id = '" . $user_id . "' AND group_id IN(" . $board_config['report_disabled_groups'] . ")";
			if (!$result = $db->sql_query($sql))
			{
				message_die(GENERAL_ERROR, "Could not select report disabled groups infos", "", __LINE__, __FILE__, $sql);
			}
			$row = $db->sql_fetchrow($result);
			$db->sql_freeresult($result);
			if ( $row['count'] > 0 )
			{
				return true;
			}
		}
		return false;
	}
	function report_disabled2($user_id)
	{
		global $db, $board_config;
		static $disabled_user_ids, $got_disabled_user_ids;
		if ( empty($got_disabled_user_ids) )
		{
			$disabled_user_ids = array();
			if ( !empty($board_config['report_disabled_users']) )
			{
				$disabled_user_ids = array_flip( explode(',', $board_config['report_disabled_users']) );
			}
			if ( !empty($board_config['report_disabled_groups']) )
			{
				$sql = "SELECT user_id FROM " . USER_GROUP_TABLE . " WHERE group_id IN(" . $board_config['report_disabled_groups'] . ")";
				if (!$result = $db->sql_query($sql))
				{
					message_die(GENERAL_ERROR, "Could not select report disabled groups infos", "", __LINE__, __FILE__, $sql);
				}
				while ( $row = $db->sql_fetchrow($result) )
				{
					$disabled_user_ids[$row['user_id']] = true;
				}
				$db->sql_freeresult($result);
			}
			$got_disabled_user_ids = true;
		}
		if ( isset($disabled_user_ids[$user_id]) )
		{
			return true;
		}
		return false;
	}
	function is_moderator(&$userdata, $forum_id)
	{
		global $db;
		if ( isset($userdata['is_moderator_' . $forum_id]) )
		{
			return $userdata['is_moderator_' . $forum_id];
		}
		else
		{
			if ( !$userdata['session_logged_in'] )
			{
				return $userdata['is_moderator_' . $forum_id] = false;
			}
			else if ( $userdata['user_level'] == ADMIN )
			{
				return $userdata['is_moderator_' . $forum_id] = true;
			}
			else if ( $userdata['user_level'] > USER )
			{
				$sql = "SELECT count(*) AS num
					FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
					WHERE aa.forum_id = '$forum_id'
						AND aa.auth_mod = " . TRUE . "
						AND ug.group_id = aa.group_id
						AND ug.user_id = '" . $userdata['user_id'] . "'";
				if ( !($result = $db->sql_query($sql)) )
				{
					message_die(GENERAL_ERROR, 'Could not get moderator status', '', __LINE__, __FILE__, $sql);
				}
				$row = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);
				if ( !empty($row['num']) )
				{
					return $userdata['is_moderator_' . $forum_id] = true;
				}
			}
			return $userdata['is_moderator_' . $forum_id] = false;
		}
	}
	function get_moderators($forum_id)
	{
		global $db;
		static $backup;
		if ( $backup == NULL )
		{
			$backup = array();
		}
		if ( empty($backup[$forum_id]) )
		{
			$sql = "SELECT ug.user_id
				FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
				WHERE aa.forum_id = $forum_id
					AND aa.auth_mod = " . TRUE . "
					AND ug.group_id = aa.group_id
				GROUP BY ug.user_id
				ORDER BY ug.user_id";
			if ( !$result = $db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, 'Could not query forum moderators', '', __LINE__, __FILE__, $sql);
			}

			$moderators = '';
			while ( $row = $db->sql_fetchrow($result) )
			{
				$moderators .= ( empty($moderators) ? '' : ',' ) . $row['user_id'];
			}
			$db->sql_freeresult($result);
			$backup[$forum_id] = $moderators;
		}
		return $backup[$forum_id];
	}
	// Mail functions for phpBB Version <= 2.0.4 
	// Uncomment this if you need it - Do not forget to comment the other part then
	/* 
	function send_mail($to_userdata, $data)
	{
		global $emailer, $board_config, $phpEx;
		static $header, $email_headers, $server_url;

		if ( !$header )
		{
			$email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
			$script_name = preg_replace('/^\/?(.*?)\/?$/', "\\1", trim($board_config['script_path']));
			$script_name = ( $script_name != '' ) ? $script_name . '/' : '';
			$server_url = ( $board_config['cookie_secure'] ? 'https://' : 'http://' ) . trim($board_config['server_name']) . ( $board_config['server_port'] <> 80  ? ':' . trim($board_config['server_port']) . '/' : '/' ) . $script_name;
			$header = true;
		}

		if ( !isset($emailer) )
		{
			include('includes/emailer.'.$phpEx);
			$emailer = new emailer($board_config['smtp_delivery']);
		}
		if ( $to_userdata['user_lang'] != $board_config['default_lang'] && !empty($to_userdata['user_lang']) )
		{
			include($phpbb_root_path . 'language/lang_' . $to_userdata['user_lang'] . '/lang_main.' . $phpEx);
		}
		else
		{
			global $lang;
		}
		if ( $data['poster_id'] == ANONYMOUS )
		{
			$postername = ( empty($data['post_username']) ? $lang['Guest'] : trim($data['post_username']) . ' (' . $lang['Guest'] . ')' );
		}
		else
		{
			$postername = $data['postername'];
		}

		$emailer->use_template('report_notify', $to_userdata['user_lang']);
		$emailer->extra_headers($email_headers);
		$emailer->email_address($to_userdata['user_email']);
		$emailer->set_subject();

		$emailer->assign_vars(array(
			'USERNAME' => $to_userdata['username'],
			'REPORTER' => $data['reportername'],
			'POSTER' => $postername,
			'SITENAME' => $board_config['sitename'],
			'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

			'U_POST' => $server_url . "viewtopic.$phpEx?" . POST_POST_URL . "=" . $data['post_id'] . '#' . $data['post_id'],
			'U_REPORTS' => $server_url . "report.$phpEx")
		);

		$emailer->send();
		$emailer->reset();
	}
	function do_notification($forum_id, $data)
	{
		global $db;
		$auth_sql = $this->get_mods_auth_sql($forum_id);
		$sql = "SELECT username, user_email, user_lang
			FROM " . USERS_TABLE . "
			WHERE no_report_mail = 0 $auth_sql";
		if ( !$result = $db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, "Couldn't notify moderstors and amdins.", "", __LINE__, __FILE__, $sql);
		}
		while( $to_userdata = $db->sql_fetchrow($result) )
		{
			$this->send_mail($to_userdata, $data);
		}
		$db->sql_freeresult($result);
		return true;
	}
	// */
	// Mail function for phpBB Version >= 2.0.5
	// Comment this part and uncomment the other part if you have a phpBB Version <= 2.0.4

	function do_notification($forum_id, $data)
	{
		global $db, $emailer, $board_config, $phpEx;
		$bcc_list_ary = array();
		$auth_sql = $this->get_mods_auth_sql($forum_id);
		$sql = "SELECT username, user_email, user_lang
			FROM " . USERS_TABLE . "
			WHERE no_report_mail = 0 $auth_sql";
		if ( !$result = $db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, "Couldn't notify moderstors and admins.", "", __LINE__, __FILE__, $sql);
		}
		if ($row = $db->sql_fetchrow($result))
		{
			@set_time_limit(60);
			do
			{
				if ($row['user_email'] != '')
				{
					$bcc_list_ary[$row['user_lang']][] = $row['user_email'];
				}
			}
			while ( $row = $db->sql_fetchrow($result) );

			if (preg_match('#[c-z]:\\\.*#i', getenv('PATH')) && !$board_config['smtp_delivery'])
			{
				$ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var';
				$board_config['smtp_delivery'] = 1;
				$board_config['smtp_host'] = @$ini_val('SMTP');
			}

			if ( count($bcc_list_ary) > 0 )
			{
				if ( !isset($emailer) )
				{
					include('includes/emailer.'.$phpEx);
					$emailer = new emailer($board_config['smtp_delivery']);
				}



                      $script_name = 'modules.php?name=Forums&file=';
                      $server_name = trim($board_config['server_name']);
                      $server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
                      $server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
                      $server_url = $server_protocol . $server_name . $server_port . $script_name;

				if ( $data['poster_id'] == ANONYMOUS )
				{
					$postername = empty($data['post_username']) ? $lang['Guest'] : $data['post_username'];
					// The guest language variable isn't the best solution here
				}
				else
				{
					$postername = $data['postername'];
				}
				
				$emailer->from($board_config['board_email']);
				$emailer->replyto($board_config['board_email']);

				@reset($bcc_list_ary);
				while ( list($user_lang, $bcc_list) = each($bcc_list_ary) )
				{
					$emailer->use_template('report_notify', $user_lang);
					for ($i = 0; $i < count($bcc_list); $i++)
					{
						$emailer->bcc($bcc_list[$i]);
					}
					$emailer->set_subject($lang['Report_mail_title']); 
					$emailer->assign_vars(array(
						'REPORTER' => $data['reportername'],
						'POSTER' => $postername,
						'SITENAME' => $board_config['sitename'],
						'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

						'U_POST' => $server_url . "viewtopic&" . POST_POST_URL . "=" . $data['post_id'] . '#' . $data['post_id'],
						'U_REPORTS' => $server_url . "report")
					);
					$emailer->send();
					$emailer->reset();
				}
			}
		}
		$db->sql_freeresult($result);
		return true;
	}
	// END Mail Functions
	
	function check_access(&$userdata)
	{
		global $board_config;
		if ( isset($userdata['report_access']) )
		{
			return $userdata['report_access'];
		}
		if ( $userdata['user_level'] == ADMIN )
		{
			return $userdata['report_access'] = true;
		}
		if ( !$board_config['report_only_admin'] && $userdata['user_level'] > USER )
		{
			return $userdata['report_access'] = true;
		}
		return $userdata['report_access'] = false;
	}
	function check_access_redirect(&$userdata, $redirect = '')
	{
		global $board_config;
		if ( !$userdata['session_logged_in'] )
		{
			$this->login_redirect($redirect);
		}
		if ( isset($userdata['report_access']) )
		{
			return $userdata['report_access'];
		}
		if ( $userdata['user_level'] == ADMIN )
		{
			return $userdata['report_access'] = true;
		}
		if ( !$board_config['report_only_admin'] && $userdata['user_level'] > USER )
		{
			return $userdata['report_access'] = true;
		}
		$userdata['report_access'] = false;
		message_die(GENERAL_ERROR, 'Report_no_access');
	}
	function check_forum_access(&$userdata, $forum_id, $redirect = '-1', $no_msg = false)
	{
		global $board_config;
		if ( !$userdata['session_logged_in'] )
		{
			if ( $redirect != '-1' )
			{
				$this->login_redirect($redirect);
			}
			return $userdata['report_access3_' . $forum_id] = false;
		}
		if ( !isset($userdata['report_access3_' . $forum_id]) )
		{
			if ( $userdata['user_level'] == ADMIN )
			{
				return $userdata['report_access3_' . $forum_id] = true;
			}
			if ( !$board_config['report_only_admin'] && $userdata['user_level'] > USER && $this->is_moderator($userdata, $forum_id) )
			{
				return $userdata['report_access3_' . $forum_id] = true;
			}
			$userdata['report_access3_' . $forum_id] = false;
		}
		if ( !$userdata['report_access3_' . $forum_id] && !$no_msg )
		{
			message_die(GENERAL_ERROR, 'Report_no_access');
		}
		return $userdata['report_access3_' . $forum_id];
	}
	function login_redirect($redirect)
	{
		global $phpEx;
		// For phpBB versions >= 2.0.4
		redirect( append_sid("login.$phpEx?redirect=$redirect", true) );
		// For phpBB versions <= 2.0.3
		/*
		$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
		header($header_location . append_sid("login.$phpEx?redirect=$redirect", true));
		exit;
		*/
	}
}
$rp = new Report_post_class;

?>
